SRV.2.3.1 PrincipalA principal is an entity that can be authenticated by an authentication protocol. A principal is identified by a principal name and authenticated by using authentication data . The content and format of the principal name and the authentication data depend on the authentication protocol. SRV.2.3.2 Security Policy DomainA security policy domain is a scope over which security policies are defined and enforced by a security administrator of the security service. A security policy domain is also sometimes referred to as a realm . SRV.2.3.3 Security Technology DomainA security technology domain is the scope over which the same security mechanism, such as Kerberos, is used to enforce a security policy. Multiple security policy domains can exist within a single technology domain. SRV.2.3.4 RoleA role is an abstract notion used by a developer in an application that can be mapped by the deployer to a user , or group of users, in a security policy domain. |